As I understand it, SSL involved the use of a public-private key pair. How does this enable two-way communication?
Suppose I have some server with which I wish to communicate securely. I connect to ...

What are the main differences between a nonce, a key and an IV. Without any doubt the key should be kept secret. But what about the nonce and the IV. What's the main difference between them and their ...

My Friend and I have been generating a few ssh2-rsa keys and noticed that all the public keys began with "AAAAB3NzaC1yc". The similarity extended to "AAAAB3NzaC1yc2EAAAABIwAAAQEA" between two keys I ...

Like people always say: “Attacks only get worse…” — which is why I'm asking early.
I have been reading the paper “RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis” published December 18, ...

When using Curve25519, the private key always seems to have a fixed bit set at position 2^254.
Why is that? Is there any good reason to use a fixed positioned most-significant-bit in the private key?
...

I'm working with a server/client system that has securely negotiated a private key. I need to encrypt/decrypt messages passing in both directions which are typically between 100 bytes to 100 KB. I'm ...

I'm working on a project where we need to encrypt a large number of files and store them on the cloud. And I'm wondering if the following process would be secure (we have a “Hardware Security Module” ...

How does GPG (or other programs using the OpenPGP file format) verify that it has succeeded with decryption (for symmetrically encrypted data)?
Is something appended to the clear text so there exist ...

In AES algorithm, in the key schedule,
Why does the expansion of a 256 bit key need an extra application of the S-box, unlike the expansion of 128 bit and 192 bit keys ?
(The obvious answer would be ...

I want to create a system to encrypt a document and store it with a 3rd party, but not have the 3rd party be able to decrypt it until some unspecified later date. It seems like the solution would be ...

I have two secret keys. One is a secret key generated by OpenSSL (primary secret key). Second key is generated by performing one way hash operation to GPS co ordinates and time parameters (geo secret ...

I've read that cracking 128-bit key is currently out of reach of all humanity. However, I can't seem to find any information on what scope of brute force attacks have been performed or are possible at ...

I'm developing application in Java that has to store RSA keys in software for foreseeable future (that is, at least 10 years).
The two most common standards of storing private keys are PKCS12 and JKS ...

I have been told that one advantage of using a hash function is that it spreads entropy over all input bits. But it also seems to be true that a bad hash algorithm can make things less random. But how ...

I am actually checking use of EAX AEAD mode, and following EAX spec review (scheme definition for my part), my question is: what about the derivation of the authentication and encryption keys? In the ...

So I'm messing around in the BouncyCastle library with the RFC 3394 AES Key Wrap engine and I'm trying to understand the benefit of it.
The problem I'm running into is how to store keys securely on a ...

I have an application where I want to be able to send an encrypted file, and then mete out "keys" that allow the receipient to decrypt the file from a certain point to the end of the file. Actually, ...

I'm working on software where multiple components will communicate with each other using SSL.
There would be one central component acting as a server, which would also require the clients to present ...

As I understand it, bruteforcing a Diffie-Hellman generated secret key takes $P-1$ attempts to crack the shared secret, where $P$ is a very large prime used for modulus. If your $P$ is quite large, ...